Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/lYz1zlWba0SBvTHR8SXpTPr99OQ.roa
File: lYz1zlWba0SBvTHR8SXpTPr99OQ.roa (raw, json)
Hash identifier: yzkj7xnYL4KuaUp0F4fmx0JkUcA+7mLw6r72I45LFFs=
Subject key identifier: 95:8C:F5:CE:55:9B:6B:44:81:BD:31:D1:F1:25:E9:4C:FA:FD:F4:E4
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 0182A57D6E58C271E9D2BD925E01357E1C58
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/lYz1zlWba0SBvTHR8SXpTPr99OQ.roa
Signing time: Tue 16 Aug 2022 07:10:37 +0000
ROA not before: Tue 16 Aug 2022 07:10:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16220
IP address blocks: 89.38.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a5:7d:6e:58:c2:71:e9:d2:bd:92:5e:01:35:7e:1c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Aug 16 07:10:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=958cf5ce559b6b4481bd31d1f125e94cfafdf4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:01:44:92:50:26:71:8b:a1:33:04:d4:b5:
e1:35:ed:f1:6a:37:0f:4e:75:c3:a5:d3:f8:85:a6:
9b:6c:57:7d:2d:e6:70:1b:ab:9e:00:e2:ac:cd:a1:
2f:ec:93:6c:a5:5c:15:3c:12:37:9a:74:81:9a:9e:
dc:23:b8:fe:7c:70:19:37:51:d2:07:5c:b8:0c:b1:
e0:61:d7:36:34:54:99:07:24:f9:08:d2:4a:d8:5f:
db:38:ee:fe:ea:86:f7:a3:6f:07:8b:64:a3:c6:0d:
4c:6a:7a:97:d7:c7:85:b5:82:6e:27:38:51:c0:93:
1c:15:e7:1d:f1:d0:c6:48:d4:62:6c:bf:f0:5c:23:
11:bd:86:1d:9b:29:65:d5:0b:b3:53:67:f8:18:fc:
4a:d8:25:bd:70:fa:68:2e:91:42:f6:f2:06:17:6e:
56:c4:7c:b9:93:06:7e:9a:2c:3c:c0:35:20:bd:f1:
b0:98:84:43:35:e2:9a:33:01:c1:96:e6:a7:39:88:
cf:d2:86:88:ce:12:7c:d0:52:72:e2:10:f5:da:11:
0e:52:7e:6f:d5:88:9a:1e:3f:17:96:66:b6:cc:46:
ff:23:7a:49:e7:5a:a0:1c:5b:4d:bf:48:bd:d6:e3:
a8:3f:b9:bd:ac:21:12:2d:4f:08:57:65:a0:28:79:
66:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8C:F5:CE:55:9B:6B:44:81:BD:31:D1:F1:25:E9:4C:FA:FD:F4:E4
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/lYz1zlWba0SBvTHR8SXpTPr99OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.156.0/22
Signature Algorithm: sha256WithRSAEncryption
44:5c:5a:c2:b6:96:ac:d5:6b:98:6d:cd:3b:e4:b2:bb:6e:7b:
d8:f0:cc:e1:bf:6b:8b:a9:21:38:f7:99:8b:14:df:8f:6c:fc:
41:cc:c2:12:4c:50:ba:89:c3:6f:62:9d:fc:de:05:ef:ef:61:
f5:93:c7:fb:73:0a:96:aa:c3:d6:f5:5e:e5:12:a7:31:65:4d:
35:56:a6:87:82:c8:b7:1f:da:65:f0:91:56:c8:54:63:5a:9a:
fd:e1:b3:a0:b0:38:54:fc:69:f1:65:1e:9d:c3:a3:73:03:51:
1d:3b:94:e9:bb:a2:01:7d:f7:03:3d:90:a8:f7:88:c4:ec:90:
71:b7:60:0c:e6:ba:6b:88:7c:39:d2:82:ca:ae:36:25:f2:76:
79:cb:56:a0:f2:ae:c8:74:b6:91:de:a7:a6:a8:64:a3:0c:48:
fa:f0:fd:8f:63:85:4d:0d:84:37:2c:7c:76:21:b1:7a:bb:e9:
b9:94:f9:7c:25:62:d8:01:90:43:e9:87:cb:cc:a9:31:bf:3b:
9a:74:6f:d6:18:04:bb:be:ae:0e:27:75:ee:b3:2e:c1:5a:c2:
6c:7c:ed:17:93:3f:6a:55:34:1d:b4:f2:f8:78:13:6d:59:39:
6f:3b:1e:15:cd:3f:4a:f4:29:1f:da:01:f6:b0:7c:de:91:53:
a8:cf:38:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKlfW5YwnHp0r2SXgE1fhxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmIzMzQxM2ZhYTVlNWUxZDI3OWEyYTI1ZmY4MWQ4ZDE1
MzI1ZGYwHhcNMjIwODE2MDcxMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThjZjVjZTU1OWI2YjQ0ODFiZDMxZDFmMTI1ZTk0Y2ZhZmRmNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXoBRJJQJnGLoTME1LXhNe3xajcP
TnXDpdP4haabbFd9LeZwG6ueAOKszaEv7JNspVwVPBI3mnSBmp7cI7j+fHAZN1HS
B1y4DLHgYdc2NFSZByT5CNJK2F/bOO7+6ob3o28Hi2Sjxg1ManqX18eFtYJuJzhR
wJMcFecd8dDGSNRibL/wXCMRvYYdmyll1QuzU2f4GPxK2CW9cPpoLpFC9vIGF25W
xHy5kwZ+miw8wDUgvfGwmIRDNeKaMwHBluanOYjP0oaIzhJ80FJy4hD12hEOUn5v
1YiaHj8Xlma2zEb/I3pJ51qgHFtNv0i91uOoP7m9rCESLU8IV2WgKHlm6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWM9c5Vm2tEgb0x0fEl6Uz6/fTkMB8GA1UdIwQY
MBaAFC5rM0E/ql5eHSeaKiX/gdjRUyXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYt
OGRkODFlNGIzZTMzLzEvbFl6MXpsV2JhMFNCdlRIUjhTWHBUUHI5OU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYtOGRkODFlNGIzZTMz
LzEvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSacMA0G
CSqGSIb3DQEBCwUAA4IBAQBEXFrCtpas1WuYbc075LK7bnvY8Mzhv2uLqSE495mL
FN+PbPxBzMISTFC6icNvYp383gXv72H1k8f7cwqWqsPW9V7lEqcxZU01VqaHgsi3
H9pl8JFWyFRjWpr94bOgsDhU/GnxZR6dw6NzA1EdO5Tpu6IBffcDPZCo94jE7JBx
t2AM5rpriHw50oLKrjYl8nZ5y1ag8q7IdLaR3qemqGSjDEj68P2PY4VNDYQ3LHx2
IbF6u+m5lPl8JWLYAZBD6YfLzKkxvzuadG/WGAS7vq4OJ3Xusy7BWsJsfO0Xkz9q
VTQdtPL4eBNtWTlvOx4VzT9K9Ckf2gH2sHzekVOozzgX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:42 2025 by rpki-client